September 14, 2020


Network Security Efficacy in the Age of Pervasive TLS Encryption

As encryption becomes increasingly pervasive, network security administrators can struggle to maintain an acceptable level of security efficacy.

April 17, 2019


To the Depth of TLS Invisibility and Beyond

Encrypted traffic is changing the threat landscape...Encryption technology enables greater privacy and security to communicate and transact business online. Mobile, cloud, and web applications rely on well-implemented encryption mechanisms, using keys and certificates, to ensure confidentiality and trust.

February 1, 2018


TLS 1.3 and Forward Secrecy: Count Us In, and Here’s Why

The damage a hacker can do after discovering a server’s private encryption key is about to shrink considerably. That’s thanks to important improvements in the coming Internet Engineering Task Force...

December 27, 2017


The Impact on Network Security Through Encrypted Protocols – QUIC

QUIC stands for Quick UDP Internet Connections, an experimental protocol designed and deployed by Google.

February 14, 2017


The impact on network security through encrypted protocols – TLS 1.3

This post is the second part of my series around the impact of encrypted protocols on network security. You can find the first article about HTTP/2 here: Now let us focus on the new and upcoming specification of TLS 1.3. It is important to understand what advantages TLS 1.3 brings to us, but also […]

December 30, 2016


The impact on network security through encrypted protocols – HTTP/2

This is the start of a planned series of posts around the impact that new protocols are making on the way many of us deal with network security today. The protocols we have been using on the internet, mainly TCP with HTTP 1.1, have shown that they cannot deal with today’s requirements for fast and […]

October 4, 2016


ETSI/IQC’s 4th Workshop on Quantum-Safe Cryptography

Quantum computers could break commonly used public key algorithms, which would affect cryptography used today. For that reason, there has been great attention on quantum safe crypto recently. We have blogged about it in numerous occasions [1], [2] , [3]. In that context, last week the 4th ETSI/IQC on Quantum-Safe Cryptography in Toronto, Canada brought […]

January 27, 2016


Where is my (intermediate) TLS certificate?

When dealing with TLS connections, it is important to understand how a client (in most cases this is a web browser) will be acting. Let’s quickly check some of the steps that are happening when a TLS connection is made. A web server will send its certificate down to the requesting client during the TLS […]

January 25, 2016


Hiding in Plain Sight: Malware’s Use of TLS and Encryption

Introduction TLS (Transport Layer Security) is a cryptographic protocol that provides privacy for applications. TLS is usually implemented on top of common protocols such as HTTP for web browsing or SMTP for email. HTTPS is the usage of TLS over HTTP, which is the most popular way of securing communication between a web server and […]